﻿<?php
	include '../inc/conn.php';
?>
<!DOCTYPE html>
<html>
<head>
<title>用户管理单</title>
<meta http-equiv="content-type" content="text/html;charset=utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<!-- <link rel="stylesheet" href="https://cdn.staticfile.org/twitter-bootstrap/3.3.7/css/bootstrap.min.css">-->
<link rel="stylesheet" href="/css/bootstrap.min.css">
<script src="/js/jquery.min.js"></script>
<script src="/js/bootstrap.min.js"></script>
<?
	session_start();
	extract($_POST);
	extract($_GET);
	unset($_POST,$_GET);

	if ($act == "log" && isset($username) && isset($passwd)){
		$username=htmlspecialchars_decode($username);
		$db = new mysql();
		$sql="select * from users where Name='${username}' and Password='".md5($passwd)."' and enable=1";
		$db->query($sql);
		$num = $db->db_num_rows();
		if ($num == 0){
			echo "<script>alert('找不到用户信息，账号或密码错误！');window.location='userinfo.php';</script>";
		}else{
			$row = $db->fetch_assoc();
			$_SESSION['ID']=$row['ID'];
			$_SESSION['logname']=$username;
			$_SESSION['logchnname']=$row['chn_name'];
			$_SESSION['user']=1;
			$_SESSION['useradmin']=$row['level'];
			$_SESSION['dept']=$row['Department'];

			if($row['level']==0)
				$_SESSION['admin']=1;

			$db->close();
			echo "<script>window.location='admin_index.php?name=daily';</script>";
		}
	}

	if ($act == "update" && isset($username) && isset($password) && isset($id)){
		if(strlen($password)<=1)
		{
			echo "<script>alert('密码太短！不能设定新密码！！！！');window.location='userinfo.php?id=${id}';</script>";
		}else{
			$db = new mysql();
			$table = "users";
			$condition = "id=${id}";
			$mod_content="Password='".md5($password)."', Department='".htmlentities($department,ENT_QUOTES)."'";	
			$db->update($table, $mod_content, $condition);
			echo "<script>alert('密码已更新');window.location='userinfo.php?id=${id}';</script>";
			$db->close();
		}
	}
/*
	if (isset($passwd) && $passwd == $PasswdAdmin){
		$_SESSION['user']=1;
	}
*/

?>
</head>
<body class="background">
<?
		include "admin_top.php";
?>
<div class="container-fluid">
<? if ($_SESSION['user'] != 1){  ?>
<div class="panel panel-primary">
    <div class="panel-heading">
        <h3 class="panel-title">用户登录</h3>
    </div>
    <div class="panel-body">
		<div class="well"> 
			<div class="form-group">
				<form class="form-inline" action="userinfo.php?act=log" method="post">
					用户：<input type="text"  placeholder="User name" class="form-control" name="username">
					密码：<input type="password"  placeholder="Password" class="form-control" name="passwd">
					<button type="submit" class="btn btn-default">登录</button>
				</form>
			</div>
		</div>
	</div>	
</div>
<? 
	} else if(isset($id)){
		$db = new mysql();
		$sql = "select * from users where id=${id}";
		$db->query($sql);
		$num = $db->db_num_rows();
		if ($num == 0)
			die("No data was found!");
		$row = $db->fetch_assoc();
?>
		<div class="panel panel-primary">
			<div class="panel-heading">
				<h3 class="panel-title">用户管理</h3>
			</div>
			<div class="panel-body">
				<div class="well"> 
					<div style="form-group">
						<form action="userinfo.php?act=update&id=<? echo $row['ID']; ?>" method="post" class="form-inline">
							用名：<input type="text" class="input-medium" name="username" readonly="readonly" value="<? echo $row['Name']; ?>">
							中文名：<input type="text" class="input-medium" name="chnname" readonly="readonly" value="<? echo $row['chn_name']; ?>">
							密码：<input type="password"  placeholder="Password" class="input-medium" name="password">
							部门：<select name="department" id="department" class="span1">
									<option value="TE" <? if ($row['Department'] == "TE") echo 'selected="selected"'; ?>>TE</option>
									<option value="EE" <? if ($row['Department'] == "EE") echo 'selected="selected"'; ?>>EE</option>
									<option value="IE" <? if ($row['Department'] == "IE") echo 'selected="selected"'; ?>>IE</option>
									<option value="ME" <? if ($row['Department'] == "ME") echo 'selected="selected"'; ?>>ME</option>
									<option value="PE" <? if ($row['Department'] == "PE") echo 'selected="selected"'; ?>>PE</option>
									<option value="RT" <? if ($row['Department'] == "RT") echo 'selected="selected"'; ?>>RT</option>
								</select>
							<button type="submit" class="btn btn-info">修改</button>
						</form>
					</div>
				</div>
			</div>
<? 
		$db->close();	
		echo "</div>";
	}
	echo "</div>";
	include '../bottom.php';
	$db->close();
?>
</body>
</html>
